full-time employee contract
Defense Health Agency DCoE ’s Office of the Chief Information Officer, or J6 organization oversees activities in IT Cyber-security, Information systems operations, Enclave desktop support, Mobile technology services, Infrastructure services and Information systems development and modernization. The mission of this project is to provide specialized technical expertise to support activities in the following area; security certification and accreditation, continuous monitoring of critical Information systems and engineering support for data networks and telecommunications that span across the enterprise.
· Provide ISSM/ISSO support staff to perform cyber-security related management support. ISSM’s shall be certified IAW DoD 8570.01-M. ISSO’s shall be certified IAW DoD 8570.01-M. The ISSM’s/ISSO’s will perform the following tasks:
· Evaluate, test, and assess Information systems.
· Attend required technical (e.g., operating system, networking, security management, SysAdmin) security training relative to assigned duties.
· Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS.
· Ensure that proper decisions are made concerning levels of concern for confidentiality, integrity, and availability of the data, and the protection level for confidentiality for the system.
· Report all security-related incidents to DCoE incident response coordinate.
· Initiate protective and corrective measures when a security incident or vulnerability is discovered
· Develop and maintain an accreditation/certification support documentation packages
· Ensure hardware meets Information Assurance compliance and guidelines and prepare Equpment Status Report
· Conduct periodic reviews to ensure compliance with the accreditation/certification support documentation package.
· Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
· Establish audit trails and ensuring their review.
· Knowledge of procedures to review networks, systems and applications for Networthiness Certification.
· Conduct ad-hoc, annual, quarterly, and weekly scans and prepare Project Status Report
· Assist in the detailed investigation and documentation of security incidents.
· Monitor DoD security related communication tasking orders. These task orders can range in complexity from informational notices to requirements needing many months of effort to implement.
Support the government's directive to implement all aspects of Common Access Card (CAC) login and Public Key Infrastructure (PKI) technology. Monitor and record cyber security training requirements for all users on a monthly basis through a Cyber Security Training Status Report.
Must possess one of the following certifications to start: CISSP, Security+, GSLC, CISM, CISA or ACAS.
Travel less than 10%